svn commit: r295554 - head/share/examples/jails
Devin Teske
dteske at FreeBSD.org
Fri Feb 12 01:41:42 UTC 2016
Author: dteske
Date: Fri Feb 12 01:41:40 2016
New Revision: 295554
URL: https://svnweb.freebsd.org/changeset/base/295554
Log:
Add syntax to disable MAC allocation
Adding `!' before an interface name will disable MAC allocation, falling
back to driver mechanics. Alternatively adding `=' before an interface name
causes the MAC address to be cloned (for ng_bridge(4) back-end only). While
here, disable the auto-detection of wlan* since this knocks the host off;
requiring the host that defines the jail to explicitly enable this feature
by preceding the interface with `='.
Modified:
head/share/examples/jails/jib
head/share/examples/jails/jng
Modified: head/share/examples/jails/jib
==============================================================================
--- head/share/examples/jails/jib Fri Feb 12 01:12:44 2016 (r295553)
+++ head/share/examples/jails/jib Fri Feb 12 01:41:40 2016 (r295554)
@@ -257,7 +257,7 @@ mustberoot_to_continue()
fi
}
-jib_addm_usage="addm [-b BRIDGE_NAME] NAME interface0 [interface1 ...]"
+jib_addm_usage="addm [-b BRIDGE_NAME] NAME [!]iface0 [[!]iface1 ...]"
jib_addm_descr="Creates e0b_NAME [e1b_NAME ...]"
jib_addm()
{
@@ -278,9 +278,14 @@ jib_addm()
mustberoot_to_continue
local iface eiface_devid_a eiface_devid_b
- local new num quad i=0
+ local new no_derive num quad i=0
for iface in $*; do
+ no_derive=
+ case "$iface" in
+ !*) iface=${iface#!} no_derive=1 ;;
+ esac
+
# 1. Make sure the interface doesn't exist already
ifconfig "e${i}a_$name" > /dev/null 2>&1 && continue
@@ -309,9 +314,13 @@ jib_addm()
# 6. Set the MAC address of the new interface using a sensible
# algorithm to prevent conflicts on the network.
#
- derive_mac -2 $iface "$name" eiface_devid_a eiface_devid_b
- ifconfig "e${i}a_$name" ether $eiface_devid_a > /dev/null 2>&1
- ifconfig "e${i}b_$name" ether $eiface_devid_b > /dev/null 2>&1
+ eiface_devid_a= eiface_devid_b=
+ [ "$no_derive" ] || derive_mac -2 $iface "$name" \
+ eiface_devid_a eiface_devid_b
+ if [ "$eiface_devid_a" -a "$eiface_devid_b" ]; then
+ ifconfig "e${i}a_$name" ether $eiface_devid_a
+ ifconfig "e${i}b_$name" ether $eiface_devid_b
+ fi > /dev/null 2>&1
i=$(( $i + 1 )) # on to next e{i}b_name
done # for iface
Modified: head/share/examples/jails/jng
==============================================================================
--- head/share/examples/jails/jng Fri Feb 12 01:12:44 2016 (r295553)
+++ head/share/examples/jails/jng Fri Feb 12 01:41:40 2016 (r295554)
@@ -259,7 +259,7 @@ mustberoot_to_continue()
fi
}
-jng_bridge_usage="bridge [-b BRIDGE_NAME] NAME [=]iface0 [[=]iface1 ...]"
+jng_bridge_usage="bridge [-b BRIDGE_NAME] NAME [!|=]iface0 [[!|=]iface1 ...]"
jng_bridge_descr="Create ng0_NAME [ng1_NAME ...]"
jng_bridge()
{
@@ -281,12 +281,14 @@ jng_bridge()
mustberoot_to_continue
local iface parent eiface eiface_devid
- local new clone_mac num quad i=0
+ local new clone_mac no_derive num quad i=0
for iface in $*; do
clone_mac=
+ no_derive=
case "$iface" in
=*) iface=${iface#=} clone_mac=1 ;;
+ !*) iface=${iface#!} no_derive=1 ;;
esac
# 0. Make sure the interface doesn't exist already
@@ -346,24 +348,15 @@ jng_bridge()
# 6. Set the MAC address of the new interface using a sensible
# algorithm to prevent conflicts on the network.
#
- case "$iface" in
- wlan[0-9]*)
- parent=$( sysctl -n net.wlan.${iface#wlan}.%parent )
- case "$parent" in
- iwn[0-9]*)
- # iwn(4) supports only 1 virtual net at a time
- # NB: Cloning MAC allows new interface to work
- clone_mac=1 ;;
- esac
- esac
+ eiface_devid=
if [ "$clone_mac" ]; then
- eiface_devid=$(
- ifconfig $iface ether | awk '/ether/,$0=$2'
- )
- else
+ eiface_devid=$( ifconfig $iface ether |
+ awk '/ether/,$0=$2' )
+ elif [ ! "$no_derive" ]; then
derive_mac $iface "$name" eiface_devid
fi
- ifconfig $eiface ether $eiface_devid
+ [ "$eiface_devid" ] &&
+ ifconfig $eiface ether $eiface_devid > /dev/null 2>&1
i=$(( $i + 1 )) # on to next ng{i}_name
done # for iface
More information about the svn-src-head
mailing list